systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.

CPENameOperatorVersion
fedoraeq32
systemdle245

CPE	Name	Operator	Version
	fedora	eq	32
	systemd	le	245

References

github.com/systemd/systemd/issues/15985

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYGLFEKG45EYBJ7TPQMLWROWPTZBEU63/

security.netapp.com/advisory/ntap-20200611-0003/

osv 3

openvas 8

nessus 20

cve 2

veracode 1

nvd 2

ubuntucve 2

f5 1

debiancve 2

broadcom 1

cvelist 2

prion 1

redhatcve 2

altlinux 1

mageia 1

fedora 1

cbl_mariner 1

rocky 1

almalinux 1

redhat 12

oraclelinux 1

photon 6

amazon 1

kitploit 1

rosalinux 1

ibm 2

ics 1

osv

CVE-2020-13776

2020-06-03 03:15:10

CVE-2017-1000082

2017-07-07 17:29:00

Moderate: systemd security, bug fix, and enhancement update

2021-05-18 05:39:12

openvas

Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2021-1258)

2021-02-05 00:00:00

Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2021-1174)

2021-02-02 00:00:00

Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2021-1534)

2021-03-05 00:00:00

nessus

EulerOS 2.0 SP9 : systemd (EulerOS-SA-2021-1277)

2021-02-05 00:00:00

EulerOS 2.0 SP9 : systemd (EulerOS-SA-2021-1258)

2021-02-05 00:00:00

EulerOS Virtualization for ARM 64 3.0.6.0 : systemd (EulerOS-SA-2021-1534)

2021-03-04 00:00:00

cve

CVE-2020-13776

2020-06-03 03:15:10

CVE-2017-1000082

2017-07-07 17:29:00

veracode

Privilege Escalation

2020-06-04 05:32:51

nvd

CVE-2020-13776

2020-06-03 03:15:10

CVE-2017-1000082

2017-07-07 17:29:00

ubuntucve

CVE-2020-13776

2020-06-03 00:00:00

CVE-2017-1000082

2017-07-07 00:00:00

K04572666 : systemd vulnerability CVE-2020-13776

2020-07-02 00:00:00

debiancve

CVE-2020-13776

2020-06-03 03:15:10

CVE-2017-1000082

2017-07-07 17:29:00

broadcom

A flaw was found in systemd, where it mishandles numerical usernames beginning with decimal digits, or "0x" followed by hexadecimal digits.(CVE-2020-13776)

2023-11-07 00:00:00

cvelist

CVE-2020-13776

2020-06-03 02:05:22

CVE-2017-1000082

2017-07-07 17:00:00

prion

Design/Logic Flaw

2017-07-07 17:29:00

redhatcve

CVE-2017-1000082

2017-07-07 04:48:35

CVE-2020-13776

2020-06-09 13:24:53

altlinux

Security fix for the ALT Linux 9 package systemd version 1:243.9-alt1

2020-10-06 00:00:00

mageia

Updated systemd packages fix a security vulnerability

2021-07-01 02:58:41

fedora

[SECURITY] Fedora 32 Update: systemd-245.7-1.fc32

2020-07-30 18:57:56

cbl_mariner

CVE-2020-13776 affecting package systemd 239-44

2020-11-30 19:30:44

rocky

systemd security, bug fix, and enhancement update

2021-05-18 05:39:12

almalinux

Moderate: systemd security, bug fix, and enhancement update

2021-05-18 05:39:12

redhat

(RHSA-2021:1611) Moderate: systemd security, bug fix, and enhancement update

2021-05-18 05:39:12

(RHSA-2021:3900) Moderate: systemd security update

2021-10-19 06:25:55

(RHSA-2021:4582) Moderate: Release of components for Service Telemetry Framework 1.3.3 - Container Images

2021-11-10 07:54:39

oraclelinux

systemd security, bug fix, and enhancement update

2021-05-25 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0252

2020-06-10 00:00:00

Moderate Photon OS Security Update - PHSA-2020-0252

2020-06-10 00:00:00

Important Photon OS Security Update - PHSA-2020-0103

2020-06-12 00:00:00

amazon

Important: systemd

2022-09-30 07:04:00

kitploit

Master_Librarian - A Simple Tool To Audit Unix/*BSD/Linux System Libraries To Find Public Security Vulnerabilities

2022-03-09 20:30:00

rosalinux

Advisory ROSA-SA-2021-1982

2021-07-02 18:13:58

ibm

Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities

2021-12-03 18:52:37

Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to several CVEs

2021-10-19 15:38:04

ics

Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP V3.1

2023-12-14 12:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8.1 High

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.7%

JSON

Related for PRION:CVE-2020-13776